PHPackages torchlighttechnology/api-security-plugin - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [API Development](/categories/api) 4. / 5. torchlighttechnology/api-security-plugin ActiveCakephp-plugin[API Development](/categories/api) torchlighttechnology/api-security-plugin ======================================== ApiGateway plugin for CakePHP v2.1(3y ago)05.8kMITPHPCI failing Since May 14Pushed 3y ago3 watchersCompare [ Source](https://github.com/Torchlight-Technology/api-security-plugin)[ Packagist](https://packagist.org/packages/torchlighttechnology/api-security-plugin)[ RSS](/packages/torchlighttechnology-api-security-plugin/feed)WikiDiscussions master Synced 5d ago READMEChangelog (10)Dependencies (3)Versions (16)Used By (0) ApiGateway plugin for CakePHP ============================= [](#apigateway-plugin-for-cakephp) Description ----------- [](#description) This CakePHP 3 plugin allows the user to specify which controller/methods are used as API endpoints through a basic UI, and enforce AWS APIGateway request parameters. For the endpoints which are specified, the plugin checks for the 'x-api-key' header in the request and verifies the value is an enabled API Key in your AWS APIGateway account. Invalid requests result in a Cake\\Controller\\Exception\\AuthSecurityException being thrown. Installation ------------ [](#installation) You can install this plugin into your CakePHP application using [composer](http://getcomposer.org). The recommended way to install composer packages is: ``` composer require torchlighttechnology/api-security-plugin ``` Configuration ------------- [](#configuration) Load the plugin in the host app's config/bootstrap.php file: ``` Plugin::load('ApiGateway', ['bootstrap' => true, 'routes' => true]); ``` Add the namespace into the host app's composer.json file, in the autoload-dev section: ``` "ApiGateway\\Test\\": "vendor/torchlighttechnology/api-security-plugin/tests/" ``` Add the AwsAuthenticator Component in the host app's src/Controller/AppController.php: ``` public function initialize() { parent::initialize(); $this->loadComponent('ApiGateway.AwsAuthenticator'); } ``` Run the ApiGateway migrations: ``` bin/cake migrations migrate -p ApiGateway ``` ### Environment variables [](#environment-variables) ApiGateway plugin uses the AWS API to retrieve the valid AWS API Gateway keys, and it uses Redis for caching method names and API calls. The plugin relies on environment variables to make the connection to Redis and AWS. The AWS environment variables you need to set are: ``` ASSUME_ROLE_ARN ``` The Redis environment variables you need to set are: ``` REDIS_SERVER ``` The default value for REDIS\_SERVER is localhost. If you don't want to use Redis you can use File caching by setting REDIS\_ENGINE env variable to 'File' (REDIS\_SERVER var will then be ignored). Setup ----- [](#setup) Once you have properly configured the plugin, navigate to . Click on 'Configure End Points'. You should see a list of controller names with their method names as checkboxes. Select the methods that you want the plugin to protect. There is also a Clear AWS API Cache button. This will invalidate the Redis cache, and on the next call to a protected endpoint, it will refresh with the latest API Keys from AWS APIGateway. ### Health Score 33 — LowBetter than 75% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity17 Limited adoption so far Community13 Small or concentrated contributor base Maturity71 Established project with proven stability Bus Factor1 Top contributor holds 78.3% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~135 days Recently: every ~369 days Total 12 Last Release 1430d ago Major Versions v1.3 → v2.02022-06-06 ### Community Maintainers ![](https://www.gravatar.com/avatar/b34c8cf0202a169795242cbf2a7b55588a2ced7942cc7462a3c76a816de8ce6a?d=identicon)[\_waffles](/maintainers/_waffles) --- Top Contributors [![guyandy](https://avatars.githubusercontent.com/u/18150451?v=4)](https://github.com/guyandy "guyandy (18 commits)")[![gitcarl](https://avatars.githubusercontent.com/u/19785654?v=4)](https://github.com/gitcarl "gitcarl (2 commits)")[![perichin](https://avatars.githubusercontent.com/u/9864237?v=4)](https://github.com/perichin "perichin (2 commits)")[![stevewaffles](https://avatars.githubusercontent.com/u/2625357?v=4)](https://github.com/stevewaffles "stevewaffles (1 commits)") ### Code Quality TestsPHPUnit ### Embed Badge ![Health badge](/badges/torchlighttechnology-api-security-plugin/health.svg) ``` [![Health](https://phpackages.com/badges/torchlighttechnology-api-security-plugin/health.svg)](https://phpackages.com/packages/torchlighttechnology-api-security-plugin) ``` ### Alternatives [sociallydev/spaces-api Library for accessing Digital Ocean spaces 218428.6k](/packages/sociallydev-spaces-api)[thephalcons/amazon-webservices-bundle A Symfony2 Bundle for interfacing with Amazon Web Services (AWS) 110224.7k](/packages/thephalcons-amazon-webservices-bundle)[friendsofcake/crud-json-api Listener for building CakePHP Crud APIs following the JSON API specification. 58445.4k3](/packages/friendsofcake-crud-json-api)[cnizzardini/cakephp-swagger-bake Automatically generate OpenApi, Swagger, and Redoc documentation from your existing cakephp project 60171.2k4](/packages/cnizzardini-cakephp-swagger-bake)[keboola/storage-api-client Keboola Storage API PHP Client 10387.5k25](/packages/keboola-storage-api-client)[jasara/php-amzn-selling-partner-api A fluent interface for Amazon's Selling Partner API in PHP 1344.8k1](/packages/jasara-php-amzn-selling-partner-api) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)